SQL Injection Attack Tutorial (2019)

Published: 22 June 2018
on channel: HackHappy
404,626
7k

SQL Injection attacks are still as common today as they were ten years ago. Today I'll discuss what are SQLi and how you can exploit SQLi vulnerabilities found in software.

📌 Try out my Python Ethical Hacker Course: https://goo.gl/EhU58t

📌Get 25 Python Books for only $0.60 each:
https://goo.gl/78gZQ5
📌Limited Edition Hacker Gear: https://goo.gl/H3TJEC

In this SQL Injection tutorial I will cover the following topics:
- What is SQL
- What does SQL do
- How SQL is used
- SQL Injection attack example
- Enumerating database servers
- Dumping User Credentials

SQL Injections are easy to exploit as you need nothing more than a web browser to carry out a SQL attack. SQL injections usually take place during user input, like their username. Instead of a username the user enters a SQL statement that will unknowingly run on the database.

A prosperous SQL injection attack can read sensitive data from the database, modify database data (insert/update/efface), execute administration operations on the database (such as shutdown the DBMS), recuperate the content of a given file on the DBMS file system or write files into the file system, and, in some cases, issue commands to the operating system.

SQL Injection attacks can be divided into the following three classes:

- Inband: data is extracted using the same channel that is used to inject the SQL code. This is the most straightforward kind of attack, in which the retrieved data is presented directly in the application web page.

- Out-of-band: data is retrieved using a different channel.

-Inferential or Blind: there is no actual transfer of data, but the tester is able to reconstruct the information by sending particular requests and observing the resulting behavior of the DB Server.

**DISCLAIMER**
This video content has been made available for informational and educational purposes only. The content within this video is meant to educate viewers on cyber security topics, methodologies, and tactics to better protect against cyber security threats. Don't be evil.


On this page of the site you can watch the video online SQL Injection Attack Tutorial (2019) with a duration of hours minute second in good quality, which was uploaded by the user HackHappy 22 June 2018, share the link with friends and acquaintances, this video has already been watched 404,626 times on youtube and it was liked by 7 thousand viewers. Enjoy your viewing!